risk assessment - netwrix | visibility and governance …€¦ · · 2018-04-28risk assessment:...

Risk Assessment:

Unveil hidden risks and minimize your attack

surface

Presenter:

Roy Lopez

Systems Engineer

[email protected]

Type your question

here

Click “Send”

Housekeeping

• All attendees are on mute

• Ask your questions!

• Questions will be answered during the session or at the Q&A at the end

• You will receive a copy of slides and webinar recording in the follow-up email

• Duration: Up to 60 minutes

• We hope you enjoy!

Netwrix Auditor 9.5

Identify, Assess and Reduce Risks to Your

IT Infrastructure and Data

IT Risk Assessment_______________________________________

Identify and prioritize risks to makesmarter IT security decisions and

close security holes

#1: What are your organization’s critical information technology assets

#2: What are the top five business processes that utilize or require this information?

#3: What threats could affect the ability of those business functions to operate?

IT Risk Assessment Checklist ebook

https://try.netwrix.com/risk-assessment-checklist-

blog?cID=70170000000kgEZ

Getting started with Risk Assessment

https://try.netwrix.com/risk-assessment-checklist-blog?cID=70170000000kgEZ

Risk = Threat x Vulnerability x Asset

High Risk = Damage

• Data loss

• System or application downtime

• Legal consequences

What is Risk?

Step 1: Identify and Prioritize Assets

Step 2: Identify Threats

Step 3: Identify Vulnerabilities

Step 4: Analyze Controls

Step 5: Determine the Likelihood of an Incident

Step 6: Assess the Impact a Threat Could Have

Step 7: Prioritize the Risks

Step 8: Recommend Controls

Step 9: Document the Results

Step 10: Constantly begin anew this cycle

Risk Assessment Procedure

IT Risk Assessment In Netwrix Auditor 9.5:

• A set of interactive dashboards primarily for Active Directory, and File

Servers

• A set of interactive dashboards for Windows Servers

• Based on State-in-Time data

• Actionable intelligence to identify and close security gaps

• Detecting Stale Accounts in Active Directory

IT Risk Assessment

File names containingsensitive data

No file names that suggest sensitive data is inside

One file with a name suggesting that sensitive data is inside

Multiple files with names suggesting that sensitive data

is inside

Potentially harmful files on file shares

No executables on file shares One executable on file sharesSeveral executables on file

shares

User accounts with administrativeprivileges

A small proportion of users have administrative privileges

A significant proportion of users have administrative privileges

A large proportion of users have administrative privileges

ACCEPTABLE PAY ATTENTION TAKE ACTION

IT Risk Assessment. Risk Levels

Netwrix Auditor Intelligence Guide – Pages 44 through 48

IT Risk Assessment. Use Cases

Compliance checksPeriodic Assessments

!

✓

✗

✗

✗

✗

Initial Clean Up

How to Perform IT Risk Assessmenthttps://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/

How to Jump-Start GDPR Risk Assessmenthttps://blog.netwrix.com/2018/01/11/how-to-jump-start-gdpr-risk-assessment/

https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/

https://blog.netwrix.com/2018/01/11/how-to-jump-start-gdpr-risk-assessment/

Demonstration

Netwrix Auditor

Netwrix Auditor Applications

Netwrix Auditor for Active Directory

Netwrix Auditor for Windows File Servers

Netwrix Auditor for Oracle Database

Netwrix Auditor for Azure AD

Netwrix Auditor for EMC

Netwrix Auditor for SQL Server

Netwrix Auditor for Exchange

Netwrix Auditor for NetApp

Netwrix Auditor for Windows Server

Netwrix Auditor for Office 365

Netwrix Auditor for SharePoint

Netwrix Auditor for VMware

GA

Financial

Healthcare & Pharmaceutical

Federal, State, Local, Government

Industrial/Technology/Other

Netwrix Customers

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=6wDjoQcatgO4uM&tbnid=oawoCUMI8VM6_M:&ved=0CAUQjRw&url=http://helpfuldaddy.blogspot.com/2011/02/ing-direct-save-your-money.html&ei=fSUsUearAsuO2QX8w4H4Dw&bvm=bv.42965579,d.b2I&psig=AFQjCNFprcWcUSDoOPa7J0g39z038ITWXA&ust=1361934026503659

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=JPQNlbMHDjKVVM&tbnid=QR9OryKALHUARM:&ved=0CAUQjRw&url=http://www.jfklibrary.org/Asset-Viewer/84I18DgeJ0eSfqyUOJCKBg.aspx&ei=qiQsUdyJLKTL2QX04oCwDA&bvm=bv.42965579,d.b2I&psig=AFQjCNG0zMAC2EiZfo9QKQslot-KWiRfsg&ust=1361933862741107

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=0LazUvAulv0ENM&tbnid=iEoJoXOvkVliHM:&ved=0CAUQjRw&url=http://www.live-conference.ca/our-partners/current&ei=mywsUaCOGIrD2QWdg4DoCw&psig=AFQjCNH3zJHG_A2NL9dFlXOch1-IGFNJYw&ust=1361935895202860

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=gmLi1liNnkSnfM&tbnid=vboLnWzIf_2kEM:&ved=0CAUQjRw&url=http://web.alsa.org/site/PageServer?pagename=WLK_NC_sponsors_logos&ei=jycsUZLHNuW02wWDlYGoAg&bvm=bv.42965579,d.b2I&psig=AFQjCNGxg5MvV-lPKE3PW810HpMyikrnWA&ust=1361934601367999

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=OT3EZ8dNGeoi_M&tbnid=dG6x8lUYZ4X2AM:&ved=0CAUQjRw&url=http://magnacare.hrmdirect.com/employment/view.php?req=70896&&ei=eCYsUbGMHubm2AXP5ICACg&bvm=bv.42965579,d.b2I&psig=AFQjCNFOmJDtJQ9K-zSfflBqYH8Pk0qkKA&ust=1361934322746761

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=4DIDdLMLqNb5mM&tbnid=Cz7XFxEa0HIcQM:&ved=0CAUQjRw&url=http://www.famouslogos.net/u-s-army-logo&ei=3QgsUb8q4eLZBfG7gDg&psig=AFQjCNHumTv9RWugsQZXWxodUP6z98OigQ&ust=1361926746400808

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=K877csblDFAbCM&tbnid=Kw20pt47WvUaZM:&ved=0CAUQjRw&url=http://www2.eng.cam.ac.uk/~cnm24/archive.htm&ei=riUsUefZN6Ty2gW7j4GgCg&bvm=bv.42965579,d.b2I&psig=AFQjCNExRJlnQNuDuhJvtJ7a--vAxLqpUg&ust=1361934123238070

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=KpNBetuRaYDY-M&tbnid=mKd0EdNS0avvTM:&ved=0CAUQjRw&url=http://www.logodesignlove.com/nasa-logo&ei=ISksUd6wK4eQ2QXG7YDYDQ&psig=AFQjCNEz-1kDYCrIs9mDKrYin8ha55Fd_g&ust=1361935004806783

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=4IP1IETSDl9eLM&tbnid=rn0mKkNoELvahM:&ved=0CAUQjRw&url=http://joinbankon.org/about/supporters/&ei=TSgsUb-LN7S02AWo5YCoBQ&bvm=bv.42965579,d.b2I&psig=AFQjCNGLNMybhWpTsmdAecPKbRcKHbhjUw&ust=1361934786152835

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=HALl3mv64J1zuM&tbnid=tayw5VmSwCyd9M:&ved=0CAUQjRw&url=http://www.epa.gov/ncer/childrenscenters/centers/columbia.html&ei=UCssUZr-G6PI2gXVtYDoDQ&psig=AFQjCNFWFSYh4pC2mkoPY2AukAgToVkdhg&ust=1361935564865403

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=kgn6V4ZdIjXNNM&tbnid=AnMkmtrJhxx6PM:&ved=0CAUQjRw&url=http://www.forbes.com/sites/greatspeculations/2010/11/01/learn-to-love-deflation-not-dollar-devaluation/&ei=aiksUZLUPOiU2gXou4HICw&psig=AFQjCNEQZdhzyohKSNms2gkccQvwGHOJzg&ust=1361935075697450

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=mop5UbRbsdTnVM&tbnid=iie-NKANC7yeoM:&ved=0CAUQjRw&url=http://www.adavidcreation.com/how-do-you-turn-a-family-name-into-a-brand/walt-disney-logo/&ei=8_wrUZ2VDMaF2gXR6YHwCw&bvm=bv.42768644,d.b2I&psig=AFQjCNGf9jfwOlAumPN71qq1hu5pJusGRw&ust=1361923591720149

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=TzMjxNnptAQAGM&tbnid=n4eq_QeCM4MAeM:&ved=0CAUQjRw&url=http://www.dishwasher-info.com/&ei=AQgsUa2_EqT02gX8xYGQBw&bvm=bv.42768644,d.b2I&psig=AFQjCNG3DpKSQbroH3COv3z6DDCZ_X1fhQ&ust=1361926496542131

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=lIz_Vi6-EKVUwM&tbnid=xs2d-KK6noZmCM:&ved=0CAUQjRw&url=http://logo-city.org/category/9-politics/page/33/&ei=MCYsUcWjM_GA2AWd9oDoBw&bvm=bv.42965579,d.b2I&psig=AFQjCNFn0-kgveQTrwLRQ8aVfb9opGDJtg&ust=1361934251818630

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=L9wqj7RGjyg_PM&tbnid=zsjfcAh9-QjhzM:&ved=0CAUQjRw&url=http://barnabywhitfieldsblog.blogspot.com/2013/01/mitsubishi-logo.html&ei=8SQsUZWxL4XY2QWPsoHQAQ&bvm=bv.42965579,d.b2I&psig=AFQjCNEL_8mFQcDDCh_U4AaJJfoakrWzlw&ust=1361933932089881

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=LDQetqdA1EtAiM&tbnid=FP8qb7esoQUpOM:&ved=0CAUQjRw&url=http://www.uktechreviews.co.uk/hitachi/&ei=wyYsUdbuKrTa2wW114CgAg&bvm=bv.42965579,d.b2I&psig=AFQjCNEkHClrUrETpVw2Ybppttn0zINIxQ&ust=1361934389820946

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=vMSsoxOg38LdBM&tbnid=EwsqWbVI_J1xhM:&ved=0CAUQjRw&url=http://www.igu.org/committees/pgc/c/3rd_pgcc/&ei=TycsUZTQBuGW2AXs6oGgDw&bvm=bv.42965579,d.b2I&psig=AFQjCNERLnefWwSySKLyYdmJ_VRL07dJPQ&ust=1361934528660649

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=HTxZGcQvae_o5M&tbnid=Fx8uyihGZZx1DM:&ved=0CAUQjRw&url=http://northtexaslead.org/lead-partners/&ei=8CcsUbaVOIrt2QWdioGwDg&bvm=bv.42965579,d.b2I&psig=AFQjCNEZc0f6ckZs_KFYoU4cKqvPNXlZlw&ust=1361934697551466

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=BTrDb5Bw_J-ruM&tbnid=0keqAWxjVIJBpM:&ved=0CAUQjRw&url=http://www.userlogos.org/node/13708&ei=WC0sUd7FLcSy2gWckICIBA&psig=AFQjCNFlcrEPub5WuZoTFRteZ1TqCVPatw&ust=1361936084602738

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=WVtZ0VuuUJEKtM&tbnid=Ju_Ve2YsUUfF_M:&ved=0CAUQjRw&url=http://541aesthetic.wordpress.com/2008/09/12/element-79-loses-another-piece-of-pepsico-business/&ei=ryssUYHiBqPM2AXDyYG4Dw&psig=AFQjCNGcH4u5psc7TgKpIXac22nqsFvtBA&ust=1361935651387366

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=c_HIbgKY09Vr0M&tbnid=msapgbG9AuKBGM:&ved=0CAUQjRw&url=http://www.atalink.org/Industry/Partners/L3.aspx&ei=ISosUamxEq762AWYoICAAw&psig=AFQjCNGF4F4CbS8cTr0dfYmWu_ffY3mDIw&ust=1361935253936069

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=aZhs7FKJu2LtnM&tbnid=fCDsJTF8K32LBM:&ved=0CAUQjRw&url=http://takedesigns.com/ibm-logo/&ei=5yosUZTpOIXo2gXC-oDYCQ&psig=AFQjCNEGLGmkUMwdOVe83a6h8tFXDQBK3Q&ust=1361935428375904

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=czyTmzikEkvLSM&tbnid=ySjUEtdJJ7DswM:&ved=0CAUQjRw&url=http://www.yourlogoresources.com/chevron-logo/&ei=diosUeXBMILr2QWYp4GAAQ&psig=AFQjCNF_frt099nvbJvSvaaMKrx_dRlNKA&ust=1361935346315794

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=DkXXZCaWPp_AKM&tbnid=n4cL_j4PowkIfM:&ved=0CAUQjRw&url=http://amazoncares.blogspot.com/2010/05/flood-puppies-get-new-home-from-cg.html&ei=5issUfiaNsy02AXtroDgCg&psig=AFQjCNEAK2OeYpJ4DZSz6KqeVnRgqQdOdw&ust=1361935711365665

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=mJHSQ3Ow4Y7Z7M&tbnid=GSmez2pgkYx9CM:&ved=0CAUQjRw&url=http://logobuffer.com/a50e4c9/logo-hyundai.html&ei=MiwsUdSMMMaF2gX6_IHADg&psig=AFQjCNGBmsQ7BfksWcrXxhsKWhXkxVb31Q&ust=1361935790866285

All awards: www.netwrix.com/awards

Industry Awards and Recognition

Free Trial: setup in your own test environment:

On-premises: netwrix.com/freetrial

Virtual: netwrix.com/go/appliance

Cloud: netwrix.com/go/cloud

Test Drive: run a virtual POС in a Netwrix-hosted test lab netwrix.com/testdrive

Live Demo: product tour with Netwrix expert netwrix.com/livedemo

Contact Sales to obtain more information netwrix.com/contactsales

Webinars: join our upcoming webinars and watch the recorded sessions

• netwrix.com/webinars

• netwrix.com/webinars#featured

Next Steps

http://netwrix.com/freetrial

http://netwrix.com/go/appliance

http://netwrix.com/go/cloud

http://netwrix.com/testdrive

http://netwrix.com/livedemo

http://netwrix.com/contactsales

http://netwrix.com/webinars

http://netwrix.com/webinars#featured

Thank youThank You!

Presenter:

Roy Lopez

Systems Engineer

[email protected]

risk assessment - netwrix | visibility and governance …€¦ · · 2018-04-28risk assessment:...

Documents